i-drive Filo 1.0.0.1 Buffer Overflow Vulnerability
BID:1324
Info
i-drive Filo 1.0.0.1 Buffer Overflow Vulnerability
| Bugtraq ID: | 1324 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jun 07 2000 12:00AM |
| Updated: | Jun 07 2000 12:00AM |
| Credit: | Discovered by Justine Bone and publicized in an Internet Security Systems Security Advisory on June 7, 2000. |
| Vulnerable: |
i-drive Filo 1.0 1 |
| Not Vulnerable: | |
Discussion
i-drive Filo 1.0.0.1 Buffer Overflow Vulnerability
i-drive is a provider of web-based storage space where users can store downloaded files from the internet. Filo is the application used to download files to the i-drive account and a component of it is a proxy server. This proxy server is susceptible to a buffer overflow attack.
A malicious user may transmit an unusually long HTTP GET request to the proxy server which would overrun a heap buffer thus allowing for arbitrary code to be executed.
i-drive is a provider of web-based storage space where users can store downloaded files from the internet. Filo is the application used to download files to the i-drive account and a component of it is a proxy server. This proxy server is susceptible to a buffer overflow attack.
A malicious user may transmit an unusually long HTTP GET request to the proxy server which would overrun a heap buffer thus allowing for arbitrary code to be executed.
Exploit / POC
i-drive Filo 1.0.0.1 Buffer Overflow Vulnerability
see discussion
see discussion